#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

enterprise security | Breaking Cybersecurity News | The Hacker News

Category — enterprise security
AI in Cybersecurity: What's Effective and What’s Not – Insights from 200 Experts

AI in Cybersecurity: What's Effective and What's Not – Insights from 200 Experts

Jan 29, 2025 Threat Detection / Artificial Intelligence
Curious about the buzz around AI in cybersecurity? Wonder if it's just a shiny new toy in the tech world or a serious game changer? Let's unpack this together in a not-to-be-missed webinar that goes beyond the hype to explore the real impact of AI on cybersecurity. Join Ravid Circus , a seasoned pro in cybersecurity and AI, as we peel back the layers of AI in cybersecurity through a revealing survey of 200 industry insiders. This isn't your average tech talk; it's a down-to-earth, insightful discussion about what AI is actually doing for us today. Why Tune In? Get the Inside Scoop: How are real-world security teams using AI right now? Learn about the genuine perks and the real snags, from data hiccups to transparency troubles. Boost Your Cyber Defenses: Discover which cybersecurity corners AI is revolutionizing the most. It's about pinpointing where AI can really beef up your security measures. Walk Away With a Game Plan: This isn't just about high-level idea...
Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers

Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers

Jan 23, 2025 Malware / Enterprise Security
Enterprise-grade Juniper Networks routers have become the target of a custom backdoor as part of a campaign dubbed J-magic . According to the Black Lotus Labs team at Lumen Technologies, the activity is so named for the fact that the backdoor continuously monitors for a "magic packet" sent by the threat actor in TCP traffic.  "J-magic campaign marks the rare occasion of malware designed specifically for Junos OS, which serves a similar market but relies on a different operating system, a variant of FreeBSD," the company said in a report shared with The Hacker News. Evidence gathered by the company shows that the earliest sample of the backdoor dates back to September 2023, with the activity ongoing between mid-2023 and mid-2024. Semiconductor, energy, manufacturing, and information technology (IT) sectors were the most targeted. Infections have been reported across Europe, Asia, and South America, including Argentina, Armenia, Brazil, Chile, Colombia, Indone...
Watch Out For These 8 Cloud Security Shifts in 2025

Watch Out For These 8 Cloud Security Shifts in 2025

Feb 04, 2025Threat Detection / Cloud Security
As cloud security evolves in 2025 and beyond, organizations must adapt to both new and evolving realities, including the increasing reliance on cloud infrastructure for AI-driven workflows and the vast quantities of data being migrated to the cloud. But there are other developments that could impact your organizations and drive the need for an even more robust security strategy. Let's take a look… #1: Increased Threat Landscape Encourages Market Consolidation Cyberattacks targeting cloud environments are becoming more sophisticated, emphasizing the need for security solutions that go beyond detection. Organizations will need proactive defense mechanisms to prevent risks from reaching production. Because of this need, the market will favor vendors offering comprehensive, end-to-end security platforms that streamline risk mitigation and enhance operational efficiency. #2: Cloud Security Unifies with SOC Priorities Security operations centers (SOC) and cloud security functions are c...
How to Eliminate Identity-Based Threats

How to Eliminate Identity-Based Threats

Jan 23, 2025 Identity Security / Enterprise Security
Despite significant investments in advanced technologies and employee training programs, credential and user-based attacks remain alarmingly prevalent, accounting for 50-80% of enterprise breaches [1] , [2] . While identity-based attacks continue to dominate as the leading cause of security incidents, the common approach to identity security threats is still threat reduction, implementing layers of controls to reduce risk while accepting that some attacks will succeed. This methodology relies on detection, response, and recovery capabilities to minimize damage after a breach has already occurred, but it does not prevent the possibility of successful attacks.  The good news? Finally, there's a solution that marks a true paradigm shift: with modern authentication technologies, the complete elimination of identity-based threats is now within reach. This groundbreaking advancement moves us beyond the traditional focus on risk reduction, offering organizations a way to fully neutraliz...
cyber security

Webinar: 5 Ways New AI Agents Can Automate Identity Attacks | Register Now

websitePush SecurityAI Agents / Identity Security
Watch how Computer-Using Agents can be used by attackers to automate account takeover and exploitation.
Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products

Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products

Jan 22, 2025 Vulnerability / Enterprise Security
Oracle is urging customers to apply its January 2025 Critical Patch Update (CPU) to address 318 new security vulnerabilities spanning its products and services. The most severe of the flaws is a bug in the Oracle Agile Product Lifecycle Management (PLM) Framework (CVE-2025-21556, CVSS score: 9.9) that could allow an attacker to seize control of susceptible instances. "Easily exploitable vulnerability allows low privileged attackers with network access via HTTP to compromise Oracle Agile PLM Framework," according to a description of the security hole in the NIST National Vulnerability Database (NVD). It's worth noting that Oracle warned of active exploitation attempts against another flaw in the same product (CVE-2024-21287, CVSS score: 7.5) in November 2024. Both vulnerabilities affect Oracle Agile PLM Framework version 9.3.6. "Customers are strongly advised to apply the January 2025 Critical Patch Update for Oracle Agile PLM Framework as it includes patche...
Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity

Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity

Jan 10, 2025 Network Security / Policy Management
Network segmentation remains a critical security requirement, yet organizations struggle with traditional approaches that demand extensive hardware investments, complex policy management, and disruptive network changes. Healthcare and manufacturing sectors face particular challenges as they integrate diverse endpoints – from legacy medical devices to IoT sensors – onto their production networks. These devices often lack robust security hardening, creating significant vulnerabilities that traditional segmentation solutions struggle to address. Elisity aims to solve these challenges through an innovative approach that leverages existing network infrastructure while providing identity-based microsegmentation at the network edge. Rather than requiring new hardware, agents or complex network redesigns, Elisity customers run a few lightweight virtual connectors (called Elisity Virtual Edge) to enforce security policies through organizations' current switching infrastructure. In this hands...
Learn How Experts Secure Privileged Accounts—Proven PAS Strategies Webinar

Learn How Experts Secure Privileged Accounts—Proven PAS Strategies Webinar

Dec 07, 2024 Enterprise Security / Threat Prevention
Cybercriminals know that privileged accounts are the keys to your kingdom. One compromised account can lead to stolen data, disrupted operations, and massive business losses. Even top organizations struggle to secure privileged accounts. Why? Traditional Privileged Access Management (PAM) solutions often fall short, leaving: Blind spots that limit full visibility. Complex deployment processes. Manual account discovery that's time-consuming. Weak enforcement of least privilege access. Gaps that let admins bypass controls. These flaws leave critical vulnerabilities that attackers exploit daily. But it doesn't have to be this way. In our webinar, " Preventing Privilege Escalation: Effective PAS Practices for Today's Threat Landscape , " we'll show you how to secure your privileged accounts and stay ahead of threats. What you'll gain: Close Security Gaps : Learn to find and fix vulnerabilities in your privileged accounts. Actionable Insights : Discover proven PAS strategies ...
Protecting Tomorrow's World: Shaping the Cyber-Physical Future

Protecting Tomorrow's World: Shaping the Cyber-Physical Future

Nov 29, 2024 Enterprise Security / Cloud Computing
The lines between digital and physical realms increasingly blur. While this opens countless opportunities for businesses, it also brings numerous challenges. In our recent webinar, Shaping the Cyber-Physical Future: Trends, Challenges, and Opportunities for 2025 , we explored the different factors shaping the cyber-physical future. In an insightful conversation with industry experts, we discussed the most pressing security concerns of today and how to address them. Allison J. Taylor, the founder and CEO of Thought Marketing LLC, unveiled trends and recommended strategies businesses can employ to proactively bolster their security amidst evolving cyber challenges. Cesar Salazar, COO of Claro Enterprise Solutions, delved into innovative solutions that could propel business tech forward. He emphasized cyber-physical convergence, the use of emerging technologies, and responsive security operations. Below are the key takeaways from the webinar. These provide an overview of why businesses...
Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack

Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack

Oct 24, 2024 Vulnerability / Network Security
Cisco on Wednesday said it has released updates to address an actively exploited security flaw in its Adaptive Security Appliance (ASA) that could lead to a denial-of-service (DoS) condition. The vulnerability, tracked as CVE-2024-20481 (CVSS score: 5.8), affects the Remote Access VPN (RAVPN) service of Cisco ASA and Cisco Firepower Threat Defense (FTD) Software. Arising due to resource exhaustion, the security flaw could be exploited by unauthenticated, remote attackers to cause a DoS of the RAVPN service. "An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device," Cisco said in an advisory. "A successful exploit could allow the attacker to exhaust resources, resulting in a DoS of the RAVPN service on the affected device." Restoration of the RAVPN service may require a reload of the device depending on the impact of the attack, the networking equipment company added. While there are no dire...
A Comprehensive Guide to Finding Service Accounts in Active Directory

A Comprehensive Guide to Finding Service Accounts in Active Directory

Oct 22, 2024 Identity Management / Security Automation
Service accounts are vital in any enterprise, running automated processes like managing applications or scripts. However, without proper monitoring, they can pose a significant security risk due to their elevated privileges. This guide will walk you through how to locate and secure these accounts within Active Directory (AD), and explore how Silverfort's solutions can help enhance your organization's security posture. Understanding Security Accounts Service accounts are specialized Active Directory accounts that provide the necessary security context for services running on servers. Unlike user accounts , they aren't linked to individuals but enable services and applications to interact with the network autonomously. With their high-level permissions, service accounts are attractive targets for attackers if left unmanaged. Hence, proper management and monitoring are critical to prevent security breaches. Finding Service Accounts in Active Directory Due to the sheer number of acco...
VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability

VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability

Oct 22, 2024 Vulnerability / Enterprise Security
VMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), concerns a case of heap-overflow vulnerability in the implementation of the DCE/RPC protocol. "A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution," Broadcom-owned virtualization services provider said . The flaw was originally reported by zbl and srs of team TZL at the Matrix Cup cybersecurity competition held in China earlier this year. "VMware by Broadcom has determined that the vCenter patches released on September 17, 2024, did not fully address CVE-2024-38812," the company noted. Patches for the flaw are available in the below vCenter Server versions - 8.0 U3d 8.0 U2e, and  7.0 U3t It's also available as an a...
The Ultimate DSPM Guide: Webinar on Building a Strong Data Security Posture

The Ultimate DSPM Guide: Webinar on Building a Strong Data Security Posture

Oct 18, 2024 Webinar / Data Protection
Picture your company's data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some misplaced, and others might even be missing entirely. Keeping your data secure in today's fast-evolving landscape can feel like an impossible challenge. But there's a game-changing solution: Data Security Posture Management (DSPM). Think of it as a high-tech, super-powered lens that reveals your entire data puzzle—helping you find every piece, fix vulnerabilities, and secure everything with confidence. Join Our Webinar " Building a Successful Data Security Posture Management Program ," to Unlock the Full Potential of DSPM: Uncover Every Hidden Piece: DSPM shows you exactly where your critical data resides, even the parts you didn't know were there, so you can take control and secure it. Shield Your Data from Threats: Like a vigilant security guard, DSPM detects potential risks and helps you fend off attacks before they cause da...
GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access

GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access

Oct 16, 2024 Enterprise Security / Vulnerability
GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487, carries a CVS score of 9.5 out of a maximum of 10.0 "An attacker could bypass SAML single sign-on (SSO) authentication with the optional encrypted assertions feature, allowing unauthorized provisioning of users and access to the instance, by exploiting an improper verification of cryptographic signatures vulnerability in GitHub Enterprise Server," GitHub said in an alert. The Microsoft-owned company characterized the flaw as a regression that was introduced as part of follow-up remediation from CVE-2024-4985 (CVSS score: 10.0), a maximum severity vulnerability that was patched back in May 2024. Also fixed by GitHub are two other shortcomings - CVE-2024-9539 (CVSS score: 5.7) - An information disclosure vulnerability that could enable an attacker to ret...
Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems

Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems

Oct 10, 2024 Vulnerability / Enterprise Security
Cybersecurity researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands. The flaw, assigned the CVE identifier CVE-2024-9441 , carries a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck . "A vulnerability in the Nortek Linear eMerge E3 allows remote unauthenticated attackers to cause the device to execute arbitrary command," SSD Disclosure said in an advisory for the flaw released late last month, stating the vendor has yet to provide a fix or a workaround. The flaw impacts the following versions of Nortek Linear eMerge E3 Access Control: 0.32-03i, 0.32-04m, 0.32-05p, 0.32-05z, 0.32-07p, 0.32-07e, 0.32-08e, 0.32-08f, 0.32-09c, 1.00.05, and 1.00.07. Proof-of-concept (PoC) exploits for the flaw have been released following public disclosure, raising concerns that it could be exploited by threat actors. It's worth noting ...
Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks

Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks

Oct 09, 2024 Enterprise Security / Identity Theft
Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion tactic. The end goal of the campaigns are broad and varied, allowing threat actors to compromise identities and devices and conduct business email compromise ( BEC ) attacks, which ultimately result in financial fraud, data exfiltration, and lateral movement to other endpoints. The weaponization of legitimate internet services (LIS) is an increasingly popular risk vector adopted by adversaries to blend in with legitimate network traffic in a manner such that it often bypasses traditional security defenses and complicates attribution efforts. The approach is also called living-off-trusted-sites (LOTS), as it leverages the trust and familiarity of these services to sidestep email security guardrails and deliver malware. Microsoft said it has been observing a new trend in phishing c...
Expert Insights / Articles Videos
Cybersecurity Resources